API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 9th, 2018
277
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 33.63 KB | None | 0 0
raw download clone embed print report
  1. ================================
  2. Make MS Bulletin Great Again / MMSBGA
  3. --------------------------------
  4. Microsoft Security Bulletin for: 09-2018
  5. Update ID:{2018-Sep}
  6. Release date:{2018-10-04T07:00:00Z}
  7. Real release date:{2018-09-01T01:00:00Z} (mmsbga patch)
  8. Alias:{2018-Sep}
  9. Title:{September 2018 Security Updates}
  10. --------------------------------
  11.  
  12. MS18-111 Vulnerabilities in Internet Explorer (6 CVE)
  13. Affected:
  14. ChakraCore
  15. Internet Explorer 10 on Windows Server 2012
  16. Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
  17. Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
  18. Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems
  19. Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems
  20. Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
  21. Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
  22. Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
  23. Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
  24. Internet Explorer 11 on Windows 10 for 32-bit Systems
  25. Internet Explorer 11 on Windows 10 for x64-based Systems
  26. Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
  27. Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
  28. Internet Explorer 11 on Windows 8.1 for 32-bit systems
  29. Internet Explorer 11 on Windows 8.1 for x64-based systems
  30. Internet Explorer 11 on Windows RT 8.1
  31. Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
  32. Internet Explorer 11 on Windows Server 2012 R2
  33. Internet Explorer 11 on Windows Server 2016
  34. Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
  35. Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
  36. Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems
  37. Microsoft Edge on Windows 10 Version 1607 for x64-based Systems
  38. Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems
  39. Microsoft Edge on Windows 10 Version 1703 for x64-based Systems
  40. Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems
  41. Microsoft Edge on Windows 10 Version 1709 for x64-based Systems
  42. Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems
  43. Microsoft Edge on Windows 10 Version 1803 for x64-based Systems
  44. Microsoft Edge on Windows 10 for 32-bit Systems
  45. Microsoft Edge on Windows 10 for x64-based Systems
  46. Microsoft Edge on Windows Server 2016
  47. Exploit:
  48. 1 x Security Feature Bypass
  49. 3 x Remote Code Execution
  50. 2 x Information Disclosure
  51. Published: CVE-2018-8457
  52. Credits:
  53. Microsoft Chakra Core Team (CVE-2018-8457)
  54. ca0nguyen par Trend Micro's Zero Day Initiative (CVE-2018-8461, CVE-2018-8447)
  55. ? (CVE-2018-8452, CVE-2018-8315)
  56. Masato Kinugawa de Cure53 (CVE-2018-8470)
  57.  
  58. MS18-112 Vulnerabilities in Edge (15 CVE)
  59. Affected:
  60. ChakraCore
  61. Internet Explorer 10 on Windows Server 2012
  62. Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
  63. Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
  64. Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems
  65. Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems
  66. Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
  67. Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
  68. Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
  69. Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
  70. Internet Explorer 11 on Windows 10 for 32-bit Systems
  71. Internet Explorer 11 on Windows 10 for x64-based Systems
  72. Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
  73. Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
  74. Internet Explorer 11 on Windows 8.1 for 32-bit systems
  75. Internet Explorer 11 on Windows 8.1 for x64-based systems
  76. Internet Explorer 11 on Windows RT 8.1
  77. Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
  78. Internet Explorer 11 on Windows Server 2012 R2
  79. Internet Explorer 11 on Windows Server 2016
  80. Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems
  81. Microsoft Edge on Windows 10 Version 1607 for x64-based Systems
  82. Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems
  83. Microsoft Edge on Windows 10 Version 1703 for x64-based Systems
  84. Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems
  85. Microsoft Edge on Windows 10 Version 1709 for x64-based Systems
  86. Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems
  87. Microsoft Edge on Windows 10 Version 1803 for x64-based Systems
  88. Microsoft Edge on Windows 10 for 32-bit Systems
  89. Microsoft Edge on Windows 10 for x64-based Systems
  90. Microsoft Edge on Windows Server 2016
  91. Exploit:
  92. 1 x Spoofing
  93. 9 x Remote Code Execution
  94. 3 x Information Disclosure
  95. 2 x Elevation of Privilege
  96. Published: CVE-2018-8457
  97. Credits:
  98. Jun Kokatsu, Windows & Devices Group - Operating System Security Team, James Lee @Windowsrcer de Kryptos Logic (CVE-2018-8366)
  99. Yuki Chen de Qihoo 360 Vulcan Team, Qixun Zhao de Qihoo 360 Vulcan Team, Ryoyichi par Trend Micro's Zero Day Initiative (CVE-2018-8367)
  100. Qixun Zhao de Qihoo 360 Vulcan Team, Lokihardt de Google Project Zero (CVE-2018-8467)
  101. Yu Zhou de Ant-financial Light-Year Security Lab (CVE-2018-8459)
  102. Michael Holman, Microsoft Chakra Core Team (CVE-2018-8354)
  103. Omri Herscovici de Check Point (CVE-2018-8464)
  104. Microsoft Chakra Core Team (CVE-2018-8457)
  105. Jonathan Birch de Microsoft Corporation (CVE-2018-8425)
  106. Qixun Zhao de Qihoo 360 Vulcan Team (CVE-2018-8456)
  107. ? (CVE-2018-8452, CVE-2018-8465, CVE-2018-8315)
  108. Lokihardt de Google Project Zero (CVE-2018-8466, CVE-2018-8463, CVE-2018-8469)
  109.  
  110. MS18-113 Vulnerabilities in Hyper-V (7 CVE)
  111. Affected:
  112. Windows 10 Version 1607 for 32-bit Systems
  113. Windows 10 Version 1607 for x64-based Systems
  114. Windows 10 Version 1703 for 32-bit Systems
  115. Windows 10 Version 1703 for x64-based Systems
  116. Windows 10 Version 1709 for 32-bit Systems
  117. Windows 10 Version 1709 for x64-based Systems
  118. Windows 10 Version 1803 for 32-bit Systems
  119. Windows 10 Version 1803 for x64-based Systems
  120. Windows 10 for 32-bit Systems
  121. Windows 10 for x64-based Systems
  122. Windows 7 for x64-based Systems Service Pack 1
  123. Windows 8.1 for 32-bit systems
  124. Windows 8.1 for x64-based systems
  125. Windows RT 8.1
  126. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  127. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  128. Windows Server 2008 for x64-based Systems Service Pack 2
  129. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  130. Windows Server 2012
  131. Windows Server 2012 (Server Core installation)
  132. Windows Server 2012 R2
  133. Windows Server 2012 R2 (Server Core installation)
  134. Windows Server 2016
  135. Windows Server 2016 (Server Core installation)
  136. Windows Server, version 1709 (Server Core Installation)
  137. Windows Server, version 1803 (Server Core Installation)
  138. Exploit:
  139. 3 x Denial of Service
  140. 2 x Remote Code Execution
  141. 1 x Security Feature Bypass
  142. 1 x Information Disclosure
  143. Credits:
  144. Peter Hlavaty (@zer0mem), KeenLab, Tencent (CVE-2018-8437)
  145. Peter Hlavaty (@zer0mem), KeenLab at Tencent (CVE-2018-8436)
  146. Deepti Bhardwaj, Microsoft Base Kernel Team, Nick Freeman (CVE-2018-8438)
  147. Giwan Go, Hyoung-Kee Choi in HIT Lab at Sungkyunkwan University (CVE-2018-8434)
  148. Daniel King (@long123king), MSRC Microsoft (CVE-2018-8439)
  149. Niels Ferguson de Microsoft Corporation (CVE-2018-8435)
  150. ? (CVE-2018-0965)
  151.  
  152. MS18-114 Vulnerabilities in Windows (3 CVE)
  153. Affected:
  154. Windows 10 Version 1607 for 32-bit Systems
  155. Windows 10 Version 1607 for x64-based Systems
  156. Windows 10 Version 1703 for 32-bit Systems
  157. Windows 10 Version 1703 for x64-based Systems
  158. Windows 10 Version 1709 for 32-bit Systems
  159. Windows 10 Version 1709 for x64-based Systems
  160. Windows 10 Version 1803 for 32-bit Systems
  161. Windows 10 Version 1803 for x64-based Systems
  162. Windows 10 for 32-bit Systems
  163. Windows 10 for x64-based Systems
  164. Windows 7 for 32-bit Systems Service Pack 1
  165. Windows 7 for x64-based Systems Service Pack 1
  166. Windows 8.1 for 32-bit systems
  167. Windows 8.1 for x64-based systems
  168. Windows RT 8.1
  169. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  170. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  171. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  172. Windows Server 2008 for 32-bit Systems Service Pack 2
  173. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  174. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  175. Windows Server 2008 for x64-based Systems Service Pack 2
  176. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  177. Windows Server 2012
  178. Windows Server 2012 (Server Core installation)
  179. Windows Server 2012 R2
  180. Windows Server 2012 R2 (Server Core installation)
  181. Windows Server 2016
  182. Windows Server 2016 (Server Core installation)
  183. Windows Server, version 1709 (Server Core Installation)
  184. Windows Server, version 1803 (Server Core Installation)
  185. Exploit:
  186. 1 x Remote Code Execution
  187. 1 x Information Disclosure
  188. 1 x Elevation of Privilege
  189. Published: CVE-2018-8475
  190. Credits:
  191. Ruibo Liu de Baidu XLab Tianya Team, Amichai Shulman Tal Be'ery (CVE-2018-8271)
  192. ? (CVE-2018-8475)
  193. Lokihardt de Google Project Zero (CVE-2018-8468)
  194.  
  195. MS18-115 Vulnerabilities in .Net (3 CVE)
  196. Affected:
  197. .NET Core 2.1
  198. ASP.NET Core 2.1
  199. Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2
  200. Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2
  201. Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2
  202. Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2
  203. Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2
  204. Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2
  205. Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for 32-bit Systems
  206. Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for x64-based Systems
  207. Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for 32-bit Systems
  208. Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for x64-based Systems
  209. Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for 32-bit Systems
  210. Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for x64-based Systems
  211. Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for 32-bit Systems
  212. Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for x64-based Systems
  213. Microsoft .NET Framework 3.5 on Windows 10 for 32-bit Systems
  214. Microsoft .NET Framework 3.5 on Windows 10 for x64-based Systems
  215. Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit systems
  216. Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based systems
  217. Microsoft .NET Framework 3.5 on Windows Server 2012
  218. Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation)
  219. Microsoft .NET Framework 3.5 on Windows Server 2012 R2
  220. Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation)
  221. Microsoft .NET Framework 3.5 on Windows Server 2016
  222. Microsoft .NET Framework 3.5 on Windows Server 2016 (Server Core installation)
  223. Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation)
  224. Microsoft .NET Framework 3.5 on Windows Server, version 1803 (Server Core Installation)
  225. Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1
  226. Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1
  227. Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  228. Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
  229. Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  230. Microsoft .NET Framework 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1
  231. Microsoft .NET Framework 4.5.2 on Windows 7 for x64-based Systems Service Pack 1
  232. Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit systems
  233. Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based systems
  234. Microsoft .NET Framework 4.5.2 on Windows RT 8.1
  235. Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
  236. Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  237. Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2
  238. Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2
  239. Microsoft .NET Framework 4.5.2 on Windows Server 2012
  240. Microsoft .NET Framework 4.5.2 on Windows Server 2012 (Server Core installation)
  241. Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2
  242. Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 (Server Core installation)
  243. Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2
  244. Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2
  245. Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems
  246. Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems
  247. Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016
  248. Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation)
  249. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1
  250. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1
  251. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems
  252. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for x64-based systems
  253. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows RT 8.1
  254. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
  255. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  256. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012
  257. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation)
  258. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2
  259. Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation)
  260. Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems
  261. Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems
  262. Microsoft .NET Framework 4.7.1/4.7.2 on Windows Server, version 1709 (Server Core Installation)
  263. Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems
  264. Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for x64-based Systems
  265. Microsoft .NET Framework 4.7.2 on Windows Server, version 1803 (Server Core Installation)
  266. Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for 32-bit Systems
  267. Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for x64-based Systems
  268. Microsoft.Data.OData
  269. System.IO.Pipelines
  270. Exploit:
  271. 2 x Denial of Service
  272. 1 x Remote Code Execution
  273. Published: CVE-2018-8409
  274. Credits:
  275. Gil Mirmovitch de Aleph Research, HCL Technologies (CVE-2018-8269)
  276. ? (CVE-2018-8409)
  277. Soroush Dalili de NCC Group (CVE-2018-8421)
  278.  
  279. MS18-116 Vulnerabilities in Microsoft Win32K and/or Graphics Component (2 CVE)
  280. Affected:
  281. Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
  282. Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
  283. Microsoft Office 2016 for Mac
  284. Windows 10 Version 1607 for 32-bit Systems
  285. Windows 10 Version 1607 for x64-based Systems
  286. Windows 10 Version 1703 for 32-bit Systems
  287. Windows 10 Version 1703 for x64-based Systems
  288. Windows 10 Version 1709 for 32-bit Systems
  289. Windows 10 Version 1709 for x64-based Systems
  290. Windows 10 Version 1803 for 32-bit Systems
  291. Windows 10 Version 1803 for x64-based Systems
  292. Windows 10 for 32-bit Systems
  293. Windows 10 for x64-based Systems
  294. Windows 7 for 32-bit Systems Service Pack 1
  295. Windows 7 for x64-based Systems Service Pack 1
  296. Windows 8.1 for 32-bit systems
  297. Windows 8.1 for x64-based systems
  298. Windows RT 8.1
  299. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  300. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  301. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  302. Windows Server 2008 for 32-bit Systems Service Pack 2
  303. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  304. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  305. Windows Server 2008 for x64-based Systems Service Pack 2
  306. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  307. Windows Server 2012
  308. Windows Server 2012 (Server Core installation)
  309. Windows Server 2012 R2
  310. Windows Server 2012 R2 (Server Core installation)
  311. Windows Server 2016
  312. Windows Server 2016 (Server Core installation)
  313. Windows Server, version 1709 (Server Core Installation)
  314. Windows Server, version 1803 (Server Core Installation)
  315. Exploit:
  316. 1 x Remote Code Execution
  317. 1 x Elevation of Privilege
  318. Credits:
  319. Hossein Lotfi, Secunia Research at Flexera (CVE-2018-8332)
  320. Mauro Leggieri de TRAPMINE Inc., James Forshaw de Google Project Zero (CVE-2018-8410)
  321.  
  322. MS18-117 Vulnerability in Scripting Engine (JScript and/or VBScript) (1 CVE)
  323. Affected:
  324. ChakraCore
  325. Exploit:
  326. 1 x Remote Code Execution
  327. Credits:
  328. Qixun Zhao de Qihoo 360 Vulcan Team (CVE-2018-8391)
  329.  
  330. MS18-118 Vulnerability in MSXML (1 CVE)
  331. Affected:
  332. Windows 10 Version 1607 for 32-bit Systems
  333. Windows 10 Version 1607 for x64-based Systems
  334. Windows 10 Version 1703 for 32-bit Systems
  335. Windows 10 Version 1703 for x64-based Systems
  336. Windows 10 Version 1709 for 32-bit Systems
  337. Windows 10 Version 1709 for x64-based Systems
  338. Windows 10 Version 1803 for 32-bit Systems
  339. Windows 10 Version 1803 for x64-based Systems
  340. Windows 10 for 32-bit Systems
  341. Windows 10 for x64-based Systems
  342. Windows 7 for 32-bit Systems Service Pack 1
  343. Windows 7 for x64-based Systems Service Pack 1
  344. Windows 8.1 for 32-bit systems
  345. Windows 8.1 for x64-based systems
  346. Windows RT 8.1
  347. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  348. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  349. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  350. Windows Server 2008 for 32-bit Systems Service Pack 2
  351. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  352. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  353. Windows Server 2008 for x64-based Systems Service Pack 2
  354. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  355. Windows Server 2012
  356. Windows Server 2012 (Server Core installation)
  357. Windows Server 2012 R2
  358. Windows Server 2012 R2 (Server Core installation)
  359. Windows Server 2016
  360. Windows Server 2016 (Server Core installation)
  361. Windows Server, version 1709 (Server Core Installation)
  362. Windows Server, version 1803 (Server Core Installation)
  363. Exploit:
  364. 1 x Remote Code Execution
  365. Credits:
  366. Anonymous par Trend Micro's Zero Day Initiative (CVE-2018-8420)
  367.  
  368. MS18-119 Vulnerabilities in Windows Kernel (7 CVE)
  369. Affected:
  370. Windows 10 Version 1607 for 32-bit Systems
  371. Windows 10 Version 1607 for x64-based Systems
  372. Windows 10 Version 1703 for 32-bit Systems
  373. Windows 10 Version 1703 for x64-based Systems
  374. Windows 10 Version 1709 for 32-bit Systems
  375. Windows 10 Version 1709 for x64-based Systems
  376. Windows 10 Version 1803 for 32-bit Systems
  377. Windows 10 Version 1803 for x64-based Systems
  378. Windows 10 for 32-bit Systems
  379. Windows 10 for x64-based Systems
  380. Windows 7 for 32-bit Systems Service Pack 1
  381. Windows 7 for x64-based Systems Service Pack 1
  382. Windows 8.1 for 32-bit systems
  383. Windows 8.1 for x64-based systems
  384. Windows RT 8.1
  385. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  386. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  387. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  388. Windows Server 2008 for 32-bit Systems Service Pack 2
  389. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  390. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  391. Windows Server 2008 for x64-based Systems Service Pack 2
  392. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  393. Windows Server 2012
  394. Windows Server 2012 (Server Core installation)
  395. Windows Server 2012 R2
  396. Windows Server 2012 R2 (Server Core installation)
  397. Windows Server 2016
  398. Windows Server 2016 (Server Core installation)
  399. Windows Server, version 1709 (Server Core Installation)
  400. Windows Server, version 1803 (Server Core Installation)
  401. Exploit:
  402. 6 x Information Disclosure
  403. 1 x Elevation of Privilege
  404. Credits:
  405. Tanghui Chen de Baidu XLab Tianya Team (CVE-2018-8419)
  406. Haikuo Xie de Baidu Security Lab par Trend Micro's Zero Day Initiative (CVE-2018-8336)
  407. Tanghui Chen de Baidu X-Lab Tianya Team (CVE-2018-8442, CVE-2018-8443)
  408. Alex Ionescu, CrowdStrike Inc. (CVE-2018-8445)
  409. Ruibo Liu de Baidu X-Lab Tianya Team (CVE-2018-8446)
  410. ? (CVE-2018-8455)
  411.  
  412. MS18-120 Vulnerabilities in Office (5 CVE)
  413. Affected:
  414. Microsoft Excel 2010 Service Pack 2 (32-bit editions)
  415. Microsoft Excel 2010 Service Pack 2 (64-bit editions)
  416. Microsoft Excel 2013 RT Service Pack 1
  417. Microsoft Excel 2013 Service Pack 1 (32-bit editions)
  418. Microsoft Excel 2013 Service Pack 1 (64-bit editions)
  419. Microsoft Excel 2016 (32-bit edition)
  420. Microsoft Excel 2016 (64-bit edition)
  421. Microsoft Excel Viewer 2007 Service Pack 3
  422. Microsoft Lync for Mac 2011
  423. Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
  424. Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
  425. Microsoft Office 2016 for Mac
  426. Microsoft Office Compatibility Pack Service Pack 3
  427. Microsoft SharePoint Enterprise Server 2013 Service Pack 1
  428. Microsoft SharePoint Enterprise Server 2016
  429. Microsoft SharePoint Server 2010 Service Pack 2
  430. Microsoft Word 2013 RT Service Pack 1
  431. Microsoft Word 2013 Service Pack 1 (32-bit editions)
  432. Microsoft Word 2013 Service Pack 1 (64-bit editions)
  433. Microsoft Word 2016 (32-bit edition)
  434. Microsoft Word 2016 (64-bit edition)
  435. Exploit:
  436. 1 x Security Feature Bypass
  437. 2 x Remote Code Execution
  438. 2 x Information Disclosure
  439. Credits:
  440. Paul Burkeland de TrustedSec (CVE-2018-8474)
  441. Nicolas Joly de Microsoft Corporation (CVE-2018-8331)
  442. Ashar Javed de Hyundai AutoEver Europe GmbH (CVE-2018-8426)
  443. Jaanus Kp Clarified Security par Trend Micro's Zero Day Initiative (CVE-2018-8429)
  444. Omri Herscovici de Check Point (CVE-2018-8430)
  445.  
  446. MS18-121 Vulnerabilities in Microsoft Graphics (GDI) (3 CVE)
  447. Affected:
  448. Windows 10 Version 1607 for 32-bit Systems
  449. Windows 10 Version 1607 for x64-based Systems
  450. Windows 10 Version 1703 for 32-bit Systems
  451. Windows 10 Version 1703 for x64-based Systems
  452. Windows 10 Version 1709 for 32-bit Systems
  453. Windows 10 Version 1709 for x64-based Systems
  454. Windows 10 Version 1803 for 32-bit Systems
  455. Windows 10 Version 1803 for x64-based Systems
  456. Windows 10 for 32-bit Systems
  457. Windows 10 for x64-based Systems
  458. Windows 7 for 32-bit Systems Service Pack 1
  459. Windows 7 for x64-based Systems Service Pack 1
  460. Windows 8.1 for 32-bit systems
  461. Windows 8.1 for x64-based systems
  462. Windows RT 8.1
  463. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  464. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  465. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  466. Windows Server 2008 for 32-bit Systems Service Pack 2
  467. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  468. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  469. Windows Server 2008 for x64-based Systems Service Pack 2
  470. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  471. Windows Server 2012
  472. Windows Server 2012 (Server Core installation)
  473. Windows Server 2012 R2
  474. Windows Server 2012 R2 (Server Core installation)
  475. Windows Server 2016
  476. Windows Server 2016 (Server Core installation)
  477. Windows Server, version 1709 (Server Core Installation)
  478. Windows Server, version 1803 (Server Core Installation)
  479. Exploit:
  480. 3 x Information Disclosure
  481. Credits:
  482. Vladislav Stolyarov de Kaspersky Lab (CVE-2018-8422)
  483. willJ par Trend Micro's Zero Day Initiative (CVE-2018-8424)
  484. Behzad Najjarpour Jabbari, Secunia Research at Flexera (CVE-2018-8433)
  485.  
  486. MS18-122 Vulnerabilities in Windows Subsystem for Linux (2 CVE)
  487. Affected:
  488. Windows 10 Version 1709 for 32-bit Systems
  489. Windows 10 Version 1709 for x64-based Systems
  490. Windows 10 Version 1803 for 32-bit Systems
  491. Windows 10 Version 1803 for x64-based Systems
  492. Windows Server, version 1709 (Server Core Installation)
  493. Windows Server, version 1803 (Server Core Installation)
  494. Exploit:
  495. 1 x Security Feature Bypass
  496. 1 x Elevation of Privilege
  497. Credits:
  498. Michael Weber de NCC Group (CVE-2018-8337)
  499. Anthony LAOU HINE TSUEI de Tencent Keen Security Lab (CVE-2018-8441)
  500.  
  501. MS18-123 Vulnerabilities in SharePoint (2 CVE)
  502. Affected:
  503. Microsoft SharePoint Enterprise Server 2013 Service Pack 1
  504. Microsoft SharePoint Enterprise Server 2016
  505. Microsoft SharePoint Server 2010 Service Pack 2
  506. Exploit:
  507. 1 x Information Disclosure
  508. 1 x Elevation of Privilege
  509. Credits:
  510. Ashar Javed de Hyundai AutoEver Europe GmbH (CVE-2018-8431, CVE-2018-8428)
  511.  
  512. MS18-124 Vulnerabilities in JET Database Engine (2 CVE)
  513. Affected:
  514. Windows 10 Version 1607 for 32-bit Systems
  515. Windows 10 Version 1607 for x64-based Systems
  516. Windows 10 Version 1703 for 32-bit Systems
  517. Windows 10 Version 1703 for x64-based Systems
  518. Windows 10 Version 1709 for 32-bit Systems
  519. Windows 10 Version 1709 for x64-based Systems
  520. Windows 10 Version 1803 for 32-bit Systems
  521. Windows 10 Version 1803 for x64-based Systems
  522. Windows 10 for 32-bit Systems
  523. Windows 10 for x64-based Systems
  524. Windows 7 for 32-bit Systems Service Pack 1
  525. Windows 7 for x64-based Systems Service Pack 1
  526. Windows 8.1 for 32-bit systems
  527. Windows 8.1 for x64-based systems
  528. Windows RT 8.1
  529. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  530. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  531. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  532. Windows Server 2008 for 32-bit Systems Service Pack 2
  533. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  534. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  535. Windows Server 2008 for x64-based Systems Service Pack 2
  536. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  537. Windows Server 2012
  538. Windows Server 2012 (Server Core installation)
  539. Windows Server 2012 R2
  540. Windows Server 2012 R2 (Server Core installation)
  541. Windows Server 2016
  542. Windows Server 2016 (Server Core installation)
  543. Windows Server, version 1709 (Server Core Installation)
  544. Windows Server, version 1803 (Server Core Installation)
  545. Exploit:
  546. 2 x Remote Code Execution
  547. Credits:
  548. Lucas Leong (@wmliang) de Trend Micro Security Research par Trend Micro's Zero Day Initiative (CVE-2018-8393)
  549. Honggang Ren de Fortinet's FortiGuard Labs, Pengsu Cheng de Trend Micro Security Research par Trend Micro's Zero Day Initiative (CVE-2018-8392)
  550.  
  551. MS18-125 Vulnerabilities in Windows SMB (2 CVE)
  552. Affected:
  553. Windows 10 Version 1607 for 32-bit Systems
  554. Windows 10 Version 1607 for x64-based Systems
  555. Windows 10 Version 1703 for 32-bit Systems
  556. Windows 10 Version 1703 for x64-based Systems
  557. Windows 10 Version 1709 for 32-bit Systems
  558. Windows 10 Version 1709 for x64-based Systems
  559. Windows 10 Version 1803 for 32-bit Systems
  560. Windows 10 Version 1803 for x64-based Systems
  561. Windows 10 for 32-bit Systems
  562. Windows 10 for x64-based Systems
  563. Windows 8.1 for 32-bit systems
  564. Windows 8.1 for x64-based systems
  565. Windows RT 8.1
  566. Windows Server 2012
  567. Windows Server 2012 (Server Core installation)
  568. Windows Server 2012 R2
  569. Windows Server 2012 R2 (Server Core installation)
  570. Windows Server 2016
  571. Windows Server 2016 (Server Core installation)
  572. Windows Server, version 1709 (Server Core Installation)
  573. Windows Server, version 1803 (Server Core Installation)
  574. Exploit:
  575. 1 x Denial of Service
  576. 1 x Information Disclosure
  577. Credits:
  578. Peter Hlavaty @zer0mem de keenlab at tencent (CVE-2018-8335)
  579. Haikuo Xie de Baidu Security Lab (CVE-2018-8444)
  580.  
  581. MS18-126 Vulnerability in Windows RCP (Advanced Local Procedure Call/ALPC) (1 CVE)
  582. Affected:
  583. Windows 10 Version 1607 for 32-bit Systems
  584. Windows 10 Version 1607 for x64-based Systems
  585. Windows 10 Version 1703 for 32-bit Systems
  586. Windows 10 Version 1703 for x64-based Systems
  587. Windows 10 Version 1709 for 32-bit Systems
  588. Windows 10 Version 1709 for x64-based Systems
  589. Windows 10 Version 1803 for 32-bit Systems
  590. Windows 10 Version 1803 for x64-based Systems
  591. Windows 10 for 32-bit Systems
  592. Windows 10 for x64-based Systems
  593. Windows 7 for 32-bit Systems Service Pack 1
  594. Windows 7 for x64-based Systems Service Pack 1
  595. Windows 8.1 for 32-bit systems
  596. Windows 8.1 for x64-based systems
  597. Windows RT 8.1
  598. Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  599. Windows Server 2008 R2 for x64-based Systems Service Pack 1
  600. Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  601. Windows Server 2008 for 32-bit Systems Service Pack 2
  602. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  603. Windows Server 2008 for Itanium-Based Systems Service Pack 2
  604. Windows Server 2008 for x64-based Systems Service Pack 2
  605. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  606. Windows Server 2012
  607. Windows Server 2012 (Server Core installation)
  608. Windows Server 2012 R2
  609. Windows Server 2012 R2 (Server Core installation)
  610. Windows Server 2016
  611. Windows Server 2016 (Server Core installation)
  612. Windows Server, version 1709 (Server Core Installation)
  613. Windows Server, version 1803 (Server Core Installation)
  614. Exploit:
  615. 1 x Elevation of Privilege
  616. Published: CVE-2018-8440
  617. Exploited: CVE-2018-8440
  618. Credits:
  619. ? (CVE-2018-8440)
  620.  
  621. MS18-127 Vulnerability in Device Guard (1 CVE)
  622. Affected:
  623. Windows 10 Version 1607 for 32-bit Systems
  624. Windows 10 Version 1607 for x64-based Systems
  625. Windows 10 Version 1703 for 32-bit Systems
  626. Windows 10 Version 1703 for x64-based Systems
  627. Windows 10 Version 1709 for 32-bit Systems
  628. Windows 10 Version 1709 for x64-based Systems
  629. Windows 10 Version 1803 for 32-bit Systems
  630. Windows 10 Version 1803 for x64-based Systems
  631. Windows 10 for 32-bit Systems
  632. Windows 10 for x64-based Systems
  633. Windows Server 2016
  634. Windows Server 2016 (Server Core installation)
  635. Windows Server, version 1709 (Server Core Installation)
  636. Windows Server, version 1803 (Server Core Installation)
  637. Exploit:
  638. 1 x Security Feature Bypass
  639. Credits:
  640. James Forshaw de Google Project Zero (CVE-2018-8449)
  641.  
  642. MS18-128 Vulnerability in Azure IoT SDK (1 CVE)
  643. Affected:
  644. C SDK for Azure IoT
  645. Exploit:
  646. 1 x Spoofing
  647. Credits:
  648. ? (CVE-2018-8479)
  649.  
  650. MS18-129 Vulnerability in DirectX (1 CVE)
  651. Affected:
  652. Windows 10 Version 1607 for 32-bit Systems
  653. Windows 10 Version 1607 for x64-based Systems
  654. Windows 10 Version 1703 for 32-bit Systems
  655. Windows 10 Version 1703 for x64-based Systems
  656. Windows 10 Version 1709 for 32-bit Systems
  657. Windows 10 Version 1709 for x64-based Systems
  658. Windows 10 Version 1803 for 32-bit Systems
  659. Windows 10 Version 1803 for x64-based Systems
  660. Windows 10 for 32-bit Systems
  661. Windows 10 for x64-based Systems
  662. Windows Server 2016
  663. Windows Server 2016 (Server Core installation)
  664. Windows Server, version 1709 (Server Core Installation)
  665. Windows Server, version 1803 (Server Core Installation)
  666. Exploit:
  667. 1 x Elevation of Privilege
  668. Credits:
  669. ChenNan and RanchoIce de Tencent ZhanluLab par Trend Micro's Zero Day Initiative, Communications Security Establishment (CVE-2018-8462)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!